Reply under 37 CFR 1.116 
Expedited Procedure - Technology Center 2100 

Amendments to the Claims: 

This listing of claims will replace all prior versions, and listings of claims in the 
application. Applicant has submitted a new complete claim set showing marked up 
claims with insertions indicated by underlining and deletions indicated by 
strikeouts and/or double bracketing. 

Listing of Claims: 

1. (Canceled) 

2. (Currently Amended) A method of inviting and joining a peer to a secure 
peer-to-peer group comprising the steps of: 

obtaining a public key of a peer; 

forming, by a first member of the group, a group membership certificate 
containing the peer's public key and signed with a group private key of a group 
public/private key pair; and 

sending the group membership certificate from the first member to the peer to 
invite the peer to join the group, the group membership certificate allowing the peer to 
join the group through a second member other than the first member; 

receiving, at a second member of the group different from the first member, a 
connect message from the peer containing the group membership certificate, the 
connect message requesting connection to the secure peer-to-peer group; 

the second member, authenticating the group membership certificate before 
allowing the peer to connect to the secure peer-to-peer group. 

3. (Previously Presented) The method of claim 2, further comprising the 
step of generating a group shared key to be used to encrypt group traffic. 

4. (Original) The method of claim 2, wherein the step of forming a group 
membership certificate comprises the step of forming a group membership certificate 
having a structure [Version, ID, Peer ID, Serial Number, Validity, Algorithms, P_ID, 
P_Issuer]K_Issuer. 

5. (Currently Amended) The method of claim 2, further comprising the 
steps of: 

receiving a wherein the group membership certificate in the connect message 
from the peer containing the group membership certificate is signed by a private key 
pair of the peer's public key; 

authenticating the group membership certificate signed by the peer's private key; 

when the step of authenticating is successful, 

sending an accept message to the peer, and 
sending a group shared key to the peer. 

6. (Previously Presented) The method of claim 5, wherein the step of 
authenticating comprises the steps of: 

verifying that at least one signature of the group membership certificate is valid; 

verifying that the group membership certificate has not expired; 

verifying that a hash of the peer's public key matches an identification of the 
peer; 

opportunistically verifying ownership of the group membership certificate. 

Type of Response: Amendment after FINAL 
Application Number: 09/955,924 
Attorney Docket Number: 177765.01 
Filing Date: 09/19/2001 


7. (Previously Presented) The method of claim 5, wherein the step of 
authenticating comprises the steps of: 

determining if the group membership certificate is listed in a group certificate 
revocation list (GCRL); 

determining if any certificate in a chain of group membership certificates is 
listed in the GCRL; 

when any certificate in the chain is listed in the GCRL, determining if a date of 
revocation of the certificate in the chain is before a date of issue of the group 
membership certificate; and 

when the date of revocation is after the date of issue, issuing a second group 
membership certificate to the peer. 

8. (Currently Amended) In a secure peer-to-peer group having a predefined 
public/private key pair (P_G/K_G), a method of inviting a peer to join the group, comprising 
the steps of: 

obtaining a public key (P_U1) of a peer by a first member of the peer-to-peer 
group; 

forming by the first member a first group membership certificate containing the 
peer's public key (P_U1) and a second group membership certificate signed with the group 
private key (K_G), the first group membership certificate being signed with a private key 
of the first member (K_U2); and 

sending the first and second group membership certificates from the first 
member to the peer to invite the peer to join the group; and 

receiving, at a second member different from the first member, a connect 
message from the peer containing the first group membership certificate. 

9. (Previously Presented) The method of claim 8, wherein the step of 
forming by the first member comprises the step of forming a group membership 
certificate having a structure ((P_U1)K_G)K_U2). 

10. (Currently Amended) The method of claim 8, further comprising the 
steps of: 

receiving, at a second member different from the first member, a wherein the 
connect message from the peer containing contains a third group certificate comprising 
the first group membership certificate signed by a private key pair of the peer's public 
key; 

authenticating the third group certificate; and 

when the step of authenticating is successful, 

sending an accept message to the peer from the second member, and 
sending a group shared key to the peer from the second member. 

11. (Previously Presented) The method of claim 10, wherein the step of 
authenticating comprises the steps of: 

verifying that a signature of the third group certificate is valid; 
verifying that the third group certificate has not expired; 
verifying that a hash of the peer's public key matches a peer identification; 
opportunistically verifying ownership of the third group certificate. 

12. (Previously Presented) The method of claim 10, wherein the step of 
authenticating comprises the steps of: 

determining if the third group certificate is listed in a group certificate revocation 
list (GCRL); 

determining if either of the first and second group membership certificates is 
listed in the GCRL; 

when either of the first and second group membership certificates is listed in the 
GCRL, determining if a date of revocation is before a date of issuance of the third group 
certificate; and 

when the date of revocation is after the date of issuance, issuing a new group 
certificate to the peer. 

13. (Previously Presented) A method of securely joining a peer-to-peer 
group by a peer having a public and a private key, comprising the steps of: 

receiving a group invitation from a first member containing an invitation 
certificate having a group ID provided therein; 

resolving the group ID to find a third member of the group different from the 
first member; 

sending a connect message to the third member containing the invitation 
certificate signed with the private key; 

receiving an accept message from the third member containing a group 
membership certificate signed by a private key of the third member; and 

receiving a group shared key to enable decryption of group traffic. 

14. (Previously Presented) The method of claim 13, further comprising the 
step of authenticating the group membership certificate signed by the private key of the 
third member to ensure the member's association with the group. 

15. (Previously Presented) The method of claim 14, further comprising the 
step of resolving the group ID to find a second member of the group to which to 
connect when the step of authenticating the group membership certificate signed by the 
private key of the third member fails. 

16. (Previously Presented) The method of claim 14, wherein the step of 
authenticating comprises the steps of: 

verifying that a signature of the group membership certificate is valid; 

verifying that the group membership certificate has not expired; 

verifying that a hash of the third member's public key matches a member 
identification; 

opportunistically verifying ownership of the group membership certificate. 

17. (Previously Presented) The method of claim 13, wherein the step of 
receiving a group invitation from a first member containing an invitation certificate 
having a group ID provided therein comprises the step of receiving a group invitation 
from the first member containing an invitation certificate and a group membership 
certificate; and 

wherein the step of resolving the group ID to find a member of the group 
comprises the step of resolving the group ID to find a second member of the group; and 

wherein the step of sending a connect message to the member containing the 
invitation certificate signed with the private key comprises the step of sending a connect 
message to the second member containing the invitation certificate and the group 
membership certificate from the first member. 

18. (Previously Presented) A method of securely admitting a peer to a 
peer-to-peer group, comprising the steps of: 

receiving at a first member of the peer-to-peer group, a connect message from 
the peer containing an invitation certificate generated by a second member of the 
peer-to-peer group and signed by a private key of the peer, the first member being 
different from the second member; 

authenticating the invitation certificate signed by the peer's private key; and 

when the step of authenticating is successful, 

sending an accept message to the peer, and 
sending a group shared key to the peer. 



19. (Previously Presented) The method of claim 18, wherein the step of 
authenticating comprises the steps of: 

verifying that a signature of the invitation certificate is valid; 
verifying that the invitation certificate has not expired; 

verifying that a hash of a public key of the peer matches a peer identification of 
the peer. 



20. (Previously Presented) The method of claim 18, wherein the connect 
message from the peer further contains a group membership certificate from the second 
member. 

21. (Previously Presented) The method of claim 20, wherein the step of 
authenticating comprises the steps of: 

determining if the group membership certificate is listed in a group certificate 
revocation list (GCRL); 

when the group membership certificate is listed in the GCRL, determining if a 
date of revocation of the group membership certificate is before a date of issuance of 
the invitation certificate; and 

when the date of revocation is after the date of issuance, issuing a new group 
membership certificate to the peer. 

22. (Previously Presented) A computer-readable medium having 
computer-executable instructions for performing the steps of claim 2. 

23. (Original) A computer-readable medium having computer-executable 
instructions for performing the steps of claim 8. 

24. (Original) A computer-readable medium having computer-executable 
instructions for performing the steps of claim 13. 

25. (Original) A computer-readable medium having computer-executable 
instructions for performing the steps of claim 18. 
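
The authentication steps recited in claims 6 and 7 (expiry, hash of the public key against the peer identification, and the GCRL check with its revocation-date comparison) can be sketched as follows. This is an added illustration, not part of the filing or of any implementation by the applicant; the `Cert` record, the use of SHA-256 for the peer ID, the "reject" outcomes and the treatment of equal dates are assumptions, and signature verification is assumed to be done separately by a cryptographic library.

```python
import hashlib
from dataclasses import dataclass
from datetime import datetime

@dataclass(frozen=True)
class Cert:                      # hypothetical, simplified certificate record
    serial: int
    peer_id: str                 # assumed: hex SHA-256 of public_key
    public_key: bytes
    issued: datetime
    expires: datetime

def peer_id_for(public_key: bytes) -> str:
    return hashlib.sha256(public_key).hexdigest()

def authenticate(chain, gcrl, now):
    """chain[0] is the presented certificate, chain[1:] the certificates above it.
    gcrl maps serial number -> revocation date.
    Returns 'accept', 'reject' or 'reissue' (issue a second certificate)."""
    leaf = chain[0]
    if not (leaf.issued <= now < leaf.expires):
        return "reject"                      # certificate has expired
    if peer_id_for(leaf.public_key) != leaf.peer_id:
        return "reject"                      # key hash does not match peer ID
    if leaf.serial in gcrl:
        return "reject"                      # assumed outcome for a listed leaf
    decision = "accept"
    for issuer in chain[1:]:
        revoked_at = gcrl.get(issuer.serial)
        if revoked_at is None:
            continue
        # Revoked before the leaf was issued: the issuer could no longer vouch
        # for anyone. Equal dates are treated the same way (assumption).
        if revoked_at <= leaf.issued:
            return "reject"
        decision = "reissue"                 # revoked after issue: claim 7's last step
    return decision

# Constructed sample data: one member certificate and one invited peer.
MEMBER = Cert(1, peer_id_for(b"member-key"), b"member-key",
              datetime(2001, 1, 1), datetime(2002, 1, 1))
PEER = Cert(2, peer_id_for(b"peer-key"), b"peer-key",
            datetime(2001, 6, 1), datetime(2001, 12, 1))
FORGED = Cert(3, peer_id_for(b"other-key"), b"peer-key",
              datetime(2001, 6, 1), datetime(2001, 12, 1))
NOW, BEFORE, AFTER = datetime(2001, 9, 19), datetime(2001, 5, 1), datetime(2001, 8, 1)

if __name__ == "__main__":
    for gcrl in ({}, {1: AFTER}, {1: BEFORE}, {2: AFTER}):
        print(gcrl, "->", authenticate([PEER, MEMBER], gcrl, NOW))
```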